Cyberattacks of 2021 that sparked the most fear among IT and security professionals

=========================================================

In the ever-evolving world of technology, 2021 has proven to be a year of significant security challenges. From zero-day exploits to ransomware attacks, IT professionals have been kept on their toes.

One of the most high-profile zero days of the year is PrintNightmare, a vulnerability impacting supported versions of Windows. Jason Slagle, VP of technology at CNWR IT Consultants, described it as a "flipping gift that keeps on giving," with updates occurring every week. The PrintNightmare vulnerability has caused significant printer-related issues for 30% to 40% of CNWR IT Consultants' service desk time.

The Kaseya ransomware attack, another top threat of the year, was caused by zero days in the company's on-premise VSA product. The manufacturer of the affected product was the company Kaseya. This attack was so impactful that it was the top security concern for the industry this year, according to Tegelaar.

Trust is not yet automated, which makes these options risky. Both turning off automatic updates and changing partnerships with managed service providers are potential strategies for defending against zero days, but they come with their own set of risks.

Corporate stakeholders are increasingly interested in understanding the risk calculus of their technology stacks, asking the question: Are we a target? Research from JumpCloud shows that security breaches, hacks, and ransomware are the top three concerns for IT professionals in 2021.

The Microsoft Exchange hack and the subsequent ransomware attacks have raised awareness for what managed service providers (MSPs) are, both in good and bad ways, according to Matthew Fox, creative director at Valiant Technology.

Security teams are often faced with the problem of prioritization, as companies remediate threats as the exploits are taking place. Mandiant found that the number of zero days in 2021 is already double the total amount from 2020.

With remote or hybrid work being the norm, companies cannot rely on static controls to fend off threats. Kelvin Tegelaar, CTO of Lime Networks, states that PrintNightmare did not cause too much chaos for his company, as a majority of their clients are cloud-based.

The events of 2021, including the Microsoft Exchange hack, have given Matthew Fox, who used to work in various IT jobs before leaving "hands-on IT," a sense of paranoia and anxiety similar to when he ran IT departments.

In response to the PrintNightmare vulnerability, CNWR IT Consultants initially turned off printing functionality. However, a patch was not available for several Mondays following its discovery.

Zero days are an especially easy point of access for different threat actors and tools for chain attacks. They pose a significant threat to the security of any organisation, making it crucial for IT professionals to stay vigilant and proactive in their approach to security.

Cyberattacks of 2021 that sparked the most fear among IT and security professionals